Protecting contents in a document may involve encrypting one or more words in the document with an encryption key. As such, an authorized person in possession of the encryption key is able to decrypt the encrypted words to read the words in the document. Yet, various types of challenges are encountered with such practices. For example, consider a user that stores an important document with a given provider (e.g., Google Mail). The provider may encrypt the document with a given encryption key and store the encrypted document in the provider's storage networks. The provider may also store the encryption key in the provider's storage networks. Thus, the provider may possess both the encrypted document and the encryption key. As such, the provider generally has access to the contents in the encrypted document and may, in fact, access the contents of the document, possibly unbeknownst to the user. Further, consider a scenario where there is a breach and the breaching party gains access to the provider's storage networks. In such a scenario, the breaching party may gain access to both the encrypted document stored and the encryption key maintained by the provider, thereby risking exposure of the contents in the document. Thus, there are security risks by entrusting the document with the provider.
In addition, various systems may also encounter challenges with balancing the level of security provided by the system and the overall efficiency of the system to search for the documents. For example, consider a scenario where a provider encrypts each word in a document to maintain a higher level of security of the document. As such, if the user searches for the document, the provider may decrypt each word in the document such that the search may be performed. Thus, encrypting each word in the document to protect its contents and decrypting each word in the document simply to search for the document may adversely affect the overall system efficiency, particularly if there is large number of documents that need to be decrypted and searched accordingly.
As such, there is much need for improvements in data security and further balancing the level of security with the overall system efficiency.